Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/zjk_Q0cuhc64VIKYYz21Nn1FeuY.roa
File: zjk_Q0cuhc64VIKYYz21Nn1FeuY.roa (raw, json)
Hash identifier: QT/lZQEqi1XWX7KpVpVaaWmL3tWknjlE6VhT8EYJkqk=
Subject key identifier: CE:39:3F:43:47:2E:85:CE:B8:54:82:98:63:3D:B5:36:7D:45:7A:E6
Certificate issuer: /CN=229a038176c796ea4f2769f6be3cace1a3597634
Certificate serial: 018CC3B686B76E7B4B41B26CFF7B7BFAFBFB
Authority key identifier: 22:9A:03:81:76:C7:96:EA:4F:27:69:F6:BE:3C:AC:E1:A3:59:76:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IpoDgXbHlupPJ2n2vjys4aNZdjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/zjk_Q0cuhc64VIKYYz21Nn1FeuY.roa
Signing time: Mon 01 Jan 2024 06:29:28 +0000
ROA not before: Mon 01 Jan 2024 06:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34722
IP address blocks: 185.160.16.0/24 maxlen: 24
185.160.17.0/24 maxlen: 24
185.160.16.0/22 maxlen: 22
185.160.19.0/24 maxlen: 24
185.160.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 09:26:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:86:b7:6e:7b:4b:41:b2:6c:ff:7b:7b:fa:fb:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=229a038176c796ea4f2769f6be3cace1a3597634
Validity
Not Before: Jan 1 06:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce393f43472e85ceb8548298633db5367d457ae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e6:53:d2:60:13:de:ba:7f:5a:bf:c6:bf:a3:
87:38:71:2f:c2:4f:99:c8:8e:4f:09:79:03:94:a8:
4e:c8:2b:73:af:4d:f6:34:0e:69:14:c1:ce:25:42:
24:c5:20:fc:33:8d:49:85:8a:15:8a:23:83:c6:28:
62:b8:11:6e:2f:8e:5f:12:5c:c4:aa:94:25:13:83:
e6:c8:4c:c0:a4:cc:4d:4d:74:08:41:02:09:17:24:
cc:f4:02:a9:de:f1:4c:ca:65:79:7d:3c:60:5b:83:
a8:25:13:7f:7f:ca:66:c1:7f:8e:f9:ed:d2:dd:4e:
f9:95:16:17:0b:06:3f:02:91:be:a1:0f:3e:b2:f3:
56:28:a3:db:44:6c:1e:b8:8b:28:6f:33:2d:c3:47:
cd:ac:2a:9b:c2:99:4b:ba:63:5d:29:5d:84:16:47:
9a:49:64:ed:74:f3:a9:4e:0c:66:c9:f8:3f:ff:29:
89:75:51:e1:70:d4:57:50:5c:06:f4:6c:d7:92:bd:
f2:4e:ac:c0:55:17:90:0d:7d:54:ce:7d:b5:e0:15:
7c:38:46:88:de:8f:79:88:54:56:c5:7a:44:d7:f0:
2f:60:98:2e:e2:f6:21:0a:7f:cb:31:ca:f1:eb:46:
21:24:39:61:ef:07:ca:da:c4:dd:7d:14:79:7e:6a:
b8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:39:3F:43:47:2E:85:CE:B8:54:82:98:63:3D:B5:36:7D:45:7A:E6
X509v3 Authority Key Identifier:
keyid:22:9A:03:81:76:C7:96:EA:4F:27:69:F6:BE:3C:AC:E1:A3:59:76:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IpoDgXbHlupPJ2n2vjys4aNZdjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/zjk_Q0cuhc64VIKYYz21Nn1FeuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.16.0/22
Signature Algorithm: sha256WithRSAEncryption
37:fb:6e:57:84:4b:62:31:5b:1c:cf:97:a4:dc:4d:92:c3:32:
08:53:76:f5:5c:a0:fe:3b:1d:01:5f:b4:55:08:f4:13:71:a7:
ed:86:7e:aa:58:c2:71:49:44:2c:e1:71:bd:00:97:ff:af:ba:
7b:33:4a:4e:37:cf:53:82:fa:45:0b:df:0c:95:c8:88:47:4d:
c6:be:4b:c4:2d:02:d2:ca:75:9f:f6:22:65:c0:b1:66:ca:82:
ca:0e:5a:a3:b6:37:e9:08:dd:4a:e8:d6:4e:fb:e9:60:cb:a8:
f1:47:ce:4b:60:cb:10:95:95:f0:6e:da:1a:31:52:68:43:0d:
7a:6a:55:a9:72:85:70:9e:53:5f:ec:50:6d:5c:4e:bc:ed:c7:
cf:55:3c:33:52:71:0a:55:52:74:60:e6:33:e5:40:3c:0f:1c:
e8:07:99:95:d8:9a:eb:04:53:69:07:25:93:2f:49:55:56:5c:
f1:e8:04:c4:89:d7:6f:74:3b:98:94:78:0e:83:ef:3f:f8:9c:
ec:a6:1d:16:07:63:ed:99:82:01:f5:48:cf:2c:2d:ba:87:78:
71:a9:d4:b0:14:d6:bc:21:65:a7:71:3b:99:51:34:ba:e5:4d:
8f:c9:5d:bc:94:54:b0:f5:b9:b5:44:35:cc:fd:e8:f4:f7:5f:
8e:ee:06:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtoa3bntLQbJs/3t7+vv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyOWEwMzgxNzZjNzk2ZWE0ZjI3NjlmNmJlM2NhY2UxYTM1
OTc2MzQwHhcNMjQwMTAxMDYyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTM5M2Y0MzQ3MmU4NWNlYjg1NDgyOTg2MzNkYjUzNjdkNDU3YWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeZT0mAT3rp/Wr/Gv6OHOHEvwk+Z
yI5PCXkDlKhOyCtzr032NA5pFMHOJUIkxSD8M41JhYoViiODxihiuBFuL45fElzE
qpQlE4PmyEzApMxNTXQIQQIJFyTM9AKp3vFMymV5fTxgW4OoJRN/f8pmwX+O+e3S
3U75lRYXCwY/ApG+oQ8+svNWKKPbRGweuIsobzMtw0fNrCqbwplLumNdKV2EFkea
SWTtdPOpTgxmyfg//ymJdVHhcNRXUFwG9GzXkr3yTqzAVReQDX1Uzn214BV8OEaI
3o95iFRWxXpE1/AvYJgu4vYhCn/LMcrx60YhJDlh7wfK2sTdfRR5fmq4eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM45P0NHLoXOuFSCmGM9tTZ9RXrmMB8GA1UdIwQY
MBaAFCKaA4F2x5bqTydp9r48rOGjWXY0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXBvRGdYYkhsdXBQSjJuMnZqeXM0YU5aZGpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8zYjVmNGUtOTNmZi00ZGZiLWIwMmQt
ZGMyMzAxZmJiYjdjLzEvemprX1EwY3VoYzY0VklLWVl6MjFObjFGZXVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8zYjVmNGUtOTNmZi00ZGZiLWIwMmQtZGMyMzAxZmJiYjdj
LzEvSXBvRGdYYkhsdXBQSjJuMnZqeXM0YU5aZGpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaAQMA0G
CSqGSIb3DQEBCwUAA4IBAQA3+25XhEtiMVscz5ek3E2SwzIIU3b1XKD+Ox0BX7RV
CPQTcafthn6qWMJxSUQs4XG9AJf/r7p7M0pON89TgvpFC98MlciIR03GvkvELQLS
ynWf9iJlwLFmyoLKDlqjtjfpCN1K6NZO++lgy6jxR85LYMsQlZXwbtoaMVJoQw16
alWpcoVwnlNf7FBtXE687cfPVTwzUnEKVVJ0YOYz5UA8DxzoB5mV2JrrBFNpByWT
L0lVVlzx6ATEiddvdDuYlHgOg+8/+Jzsph0WB2PtmYIB9UjPLC26h3hxqdSwFNa8
IWWncTuZUTS65U2PyV28lFSw9bm1RDXM/ej091+O7gY6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:57 2025 by rpki-client